A lost laptop containing the personal data of 109,000 Pensions Trust's members has sparked the latest in a growing list of information security breach alerts.
The missing machine was stolen from the offices of NorthgateArinso, suppliers of the Pensions Trust's computerised pensions administration system, where it was was being used "as a database for development, training and performance testing".
Data on the drive was not encrypted but it was password protected - as if that provides much in the way of reassurance. Data held on the laptop included name, address, date of birth, NI number, name of employer, salary details, name of and relationship to nominees and, for those drawing a pension, bank account details.
Members of six of the Pension Trust's 39 schemes were affected by the breach. The records potentially exposed data from May 2007.
The Pensions Trust sent out letters this week informing affected members that their personal details have potentially been exposed as a result of the breach.Scans of the letter in factsheets on the breach can be found here.
DataLossDB tags this as Incident 2021.